Gulf Bank Swaps Four Security Products for the CrowdStrike Falcon Platform

The CISO of Gulf Bank is on a cybersecurity consolidation journey with CrowdStrike. Here’s why.

November 22, 2024

| | Endpoint Security & XDR

The Middle East’s financial sector, particularly in Kuwait, faced a surge of sophisticated cyberattacks starting in 2018. For Gulf Bank, a leading financial institution in Kuwait, this wave of attacks was a wakeup call that spurred a pivotal shift in its cybersecurity strategy.

Enter Ross McNaughton. Hired by Gulf Bank as CISO in 2019, McNaughton is known within the banking industry as a change agent for cybersecurity programs. With a mandate to build resilience against emerging threats, his first priority was to assess the bank’s existing defenses and set a course to ensure long-term protection in an increasingly active threat environment.

“When I came in, the mantra was no breaches,” McNaughton recalled. “There was an appetite for risk aversion, and the need to achieve a high level of cybersecurity maturity quickly was paramount.” That’s when Gulf Bank turned to CrowdStrike.

The Challenge with Layered Solutions

When McNaughton joined Gulf Bank, he inherited a complex web of security solutions. Multiple endpoint products were layered on top of each other in an attempt to protect the bank’s infrastructure. While it had achieved broad coverage, the setup was costly and inefficient, as visibility required manually correlating multiple solutions. 

“We had coverage, but it was unsustainable. We were paying for four different endpoint solutions, which slowed us down and cost the business significantly in terms of performance overhead,” McNaughton said.

The CISO planned a journey for consolidation. After evaluating several cybersecurity platforms, Gulf Bank chose the AI-native CrowdStrike Falcon® platform. The Falcon platform converges security and IT to protect key areas of risk, and it allowed Gulf Bank to easily deploy through a single, lightweight agent then manage its security from a unified console.

CrowdStrike endpoint security gives the bank comprehensive protection while simplifying security management. “Literally every endpoint, every server and every kiosk is now protected by CrowdStrike,” said McNaughton.

Gulf Bank chose CrowdStrike Falcon® Complete Next-Gen MDR to manage its endpoint security deployment. Today, the Falcon Complete Next-Gen MDR team acts as a seamless extension of Gulf Bank’s security team, delivering 24/7 expert monitoring, proactive threat hunting, integrated threat intelligence and full-cycle remediation delivered by CrowdStrike experts. 

“CrowdStrike was the right choice for us because it delivered better security while also allowing us to consolidate,” said McNaughton. “The platform’s effectiveness in capturing threats, including those that could potentially slip through previous tools due to the complexity in product management and updates, gave us the confidence we needed.”

The Power of Cybersecurity Consolidation

Consolidating on CrowdStrike wasn’t just about streamlining operations — it was about driving meaningful business outcomes for Gulf Bank. The benefits of this move were both operational and financial. By retiring multiple platforms and standardizing on CrowdStrike, Gulf Bank saw immediate improvements in security operations visibility and cost savings.

“We went from running five agents on each endpoint down to one,” noted McNaughton. “This not only reduced the burden on our IT teams but also freed up valuable CPU cycles, improving system performance across the bank. We were able to give back computing power to the business for more critical tasks.”

The benefits of consolidation extended to the bank’s analysts as well. Prior to deploying CrowdStrike, security analysts were constantly swivel-chairing between multiple interfaces and dashboards, slowing down their ability to detect and respond to threats, and map issues between platforms. With CrowdStrike, they get a unified platform that simplifies threat monitoring, reduces complexity and accelerates incident response times.

“One of the biggest advantages we’ve seen is how much faster our analysts can work now,” said McNaughton. “Before, they had to jump between different consoles to figure out if an alert was real. With CrowdStrike, everything is in one place.”

This consolidation also delivered significant cost benefits. Gulf Bank was able to sunset several other vendors and reduce its overall operational expenditure. The bank’s cyber insurance premiums also dropped due to the Falcon Complete Breach Prevention Warranty.

Optimizing for Growth and Resilience

With the success of CrowdStrike’s deployment and consolidation, Gulf Bank is now setting its sights on the future. The next phase of the bank’s five-year cybersecurity roadmap involves further optimizing and maturing its security posture, all while keeping a laser focus on business outcomes and risk reduction.

“We’re constantly evaluating new opportunities for consolidation,” said McNaughton. “We need as much consolidation as possible to maintain efficiency and reduce complexity. The bank is highly risk-averse, and they want to know we’ve covered every possible angle.”

As Gulf Bank continues its journey, the focus remains on maintaining resilience in the face of evolving threats. The bank’s leadership is committed to ensuring that its cybersecurity strategy is not only robust but also aligned with its long-term business goals.

“We’re hyper aware of the evolving threat landscape in Kuwait,” McNaughton concluded. “With CrowdStrike, we’re confident that we’re protected from what comes next.”

With its consolidated and forward-looking security strategy, Gulf Bank is well-positioned to navigate the ever-changing threat landscape, keeping its customers and operations secure while optimizing for future growth.

Breaches Stop Here